NAS-IP-address == "10.1.2.0/24" allowed?
Min Qiu
mqiu at globalinternetworking.com
Tue Jan 24 00:47:59 CET 2006
Hi,
Again, newbie question that I failed to find the anwser
from FAQ or wiki.
I would like to restrict user login by NAS-IP-address or
fqdn if possible. Therefore I can restrict user to login
a group of devices.
user1 Auth-Type := Local, User-Password == "sceret",
NAS-IP-address =="10.1.2.0/24"
...
It works if NAS-IP-address == "10.1.2.3", but that will
require ~250 entries in users file. Can it be group into
/24 or is NAS-Network-address exist? How about using DNS
name, something like
user1 Auth-Type := Local, User-Password == "sceret",
NAS-fqdn =~ /*.(core|edge).domain/
...
Thanks a lot,
Min
-------------- next part --------------
A non-text attachment was scrubbed...
Name: winmail.dat
Type: application/ms-tnef
Size: 3145 bytes
Desc: not available
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20060123/527f38b7/attachment.bin>
More information about the Freeradius-Users
mailing list